[Buildroot] [PATCH] package/rng-tools: make jitterentropy conditional

Yegor Yefremov yegorslists at googlemail.com
Tue Feb 11 15:21:32 UTC 2020


Hi Matt,

On Tue, Feb 11, 2020 at 4:06 PM Matthew Weber
<matthew.weber at rockwellcollins.com> wrote:
>
> Peter,
>
>
> On Sat, Feb 8, 2020 at 1:13 PM Peter Korsgaard <peter at korsgaard.com> wrote:
> >
> > >>>>> "Matthew" == Matthew Weber <matthew.weber at rockwellcollins.com> writes:
> >
> >  > Thomas,
> >  > On Wed, Feb 5, 2020 at 2:46 PM Matthew Weber
> >  > <matthew.weber at rockwellcollins.com> wrote:
> >  >>
> >  >> Thomas,
> >  >>
> >  >> On Wed, Feb 5, 2020 at 1:33 PM Thomas Petazzoni
> >  >> <thomas.petazzoni at bootlin.com> wrote:
> >  >> >
> >  >> > On Wed,  5 Feb 2020 12:26:08 -0600
> >  >> > Matt Weber <matthew.weber at rockwellcollins.com> wrote:
> >  >> >
> >  >> > > The update of rng-tools from 5 to 6.7 introduced a change where
> >  >> > > the jitterentropy library was enabled by default instead of
> >  >> > > returning a special 66 return code to hangle the case of no
> >  >> > > hwrng. This patch reverts that change and allows a user to
> >  >> > > select when to enable the jitterentropy source. The bug
> >  >> > > documents an issue of when a hwrng is enabled with jitterentropy
> >  >> > > there is a longer boot time.
> >  >> >
> >  >> > I don't understand this story of the 66 return code. Could you explain
> >  >> > a bit more ?
> >  >>
> >  >> In Buildroot commit 22cb51e1 the systemd support addition included the
> >  >> successcode change based on the Fedora bugfix for ignoring if no hwrng
> >  >> is present (https://bugzilla.redhat.com/show_bug.cgi?id=892178).
> >
> >  > Ryan Barnett noticed that rng-tools dropped the special return code.
> >  > I guess we could just drop support for this special case as well....
> >  > https://github.com/nhorman/rng-tools/blob/v6.8/rngd.c#L805
> >
> > Has that Fedora patch ever been included upstream? I don't seem to find
> > it in the history.
>
> It doesn't look like it.  I'm wondering if we should just drop this
> systemd unit return behavior and put a comment in the service file
> about enabling an entropy package if this service fails without a
> hardware rng present.  Seems too complicated to try and cover this
> special case.
>
> >
> > I btw see there is a 6.9 release with more bugfixes, care to send a
> > patch bumping the version?
>
> I'll review the one that was just sent.  I also ping'd the original
> bug report to see if they could test with this bump as there are a
> number of minor jitterentropy related fixes.
> http://patchwork.ozlabs.org/patch/1235396/

We had similar issue today with am335x (kernel 5.4.x). Bumping
rng-tools to v6.9 helped.

The next bump will be more interesting as rng-tools moves to openssl
instead of libgcrypt and this dependency is mandatory.

Yegor


More information about the buildroot mailing list